//package com.example.config;
//
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//
//
//
///**
// * @author 小苏
// * @ClassName:SecurityConfig
// * @description: TODO
// * @data 2022/12/13 9:11
// * @version: 1.0
// **/
//@Configuration
//@EnableWebSecurity
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//        @Override
//        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//            //基于内存来存储用户信息
//           auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
//                   .withUser("whale").password(new BCryptPasswordEncoder().encode("123456")).roles("USER")
//                   .and()
//                   .withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("ADMIN");
//
//            //用于数据库来存储用户信息
////            auth.jdbcAuthentication().passwordEncoder(new BCryptPasswordEncoder())
////                    .withUser("whale").password(new BCryptPasswordEncoder().encode("123456")).roles("USER")
////                    .and()
////                    .withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("ADMIN");
//        }
//
//        @Override
//        protected void configure(HttpSecurity http) throws Exception {
//            http.authorizeRequests()//配置安全策略
//                    .antMatchers("/","/hello").permitAll()//定义/请求不需要验证
//                    .anyRequest().authenticated()//其余的所有请求都需要验证
//                    .and()
//                    .logout()
//                    .permitAll();//定义logout不需要验证
//            //禁用csrf
//            http.csrf().disable();
//        }
//}